New Technology = New Concerns For Hotels

Posted on December 5, 2012 04:20 by Philip M. Gulisano

Recently Forbes.com published an article exposing a security flaw in common keycard hotel room locks that permitted hackers with a digital device to effortlessly trigger the opening of the locking mechanisms. This, of course, would allow the hacker to have access to the personal belongings inside the room or, worse yet, unwanted access to the guests themselves.  The “security vulnerability” was said to be present in keycard locks built by a particular lock company and specifically in a model of lock that appears in at least four million hotel rooms worldwide. There are believed to be a number of “patches” to fix the issue, which vary in cost.

While the lock manufacturer in such an instance may certainly be responsible if its locks do not perform as intended, generally, a property owner or lessor, such as a hotel, has a duty to keep its guests safe from known or reasonably anticipated dangers. This begs the question of what is a hotel’s duty or obligation to its guests when it knows, or should know, that the locks present on the hotel room doors, which guests would reasonably anticipate are capable of keeping people out, are highly vulnerable to hackers.
 
To start, any hotel that has direct knowledge that its room door locking mechanisms, whichever they are, do not perform as intended and as relied upon by its guests, would be wise to immediately remedy the problem to ensure the safety and comfort of the guests.  One could easily imagine the horrific publicity and liability if it was discovered that guests were losing property, being assaulted or otherwise attacked in the confines of their presumptively safe hotel room if the hotel knew that the locks were easily by-passed. 
 
Often times, with new technology comes uncertainty with how it will perform and whether there will be “bugs” in the system.  However, almost by definition technology has faults that its possessors must investigate, anticipate and seek to minimize.  It would be wise for any hotel to understand what issues and/or risks exist with the technology it uses and develop a plan to minimize those risks and ensure its guests have a safe stay and come back again.

Bookmark and Share

Categories: Hospitality Law | Privacy | Retail | Technology

Actions: E-mail | Comments

 

ON YOUR MARK…., GET SET…., SHOP!

Posted on November 15, 2012 02:17 by Philip M. Gulisano

With the start of the holiday shopping rush just a week away, retailers should be mindful of their responsibility to keep customers safe when large crowds gather to take advantage of well-advertised and highly-anticipated sales. Customers, drawn by the promise of “doorbuster savings” and warned of limited quantities, do not always act in the most courteous manner when rushing to enter the store and running toward the products they desire.  Sadly, it has become all too common for injury, whether accidental or intentional, to occur as customers dash into and through stores during these special sales, and when a customer is injured during the clamor, a retailer can be held liable.

Although the law varies from state to state, in many states, a retailer’s duty to use reasonable care to protect customers from reasonably anticipated injuries includes foreseeing that large crowds might gather due to the advertised sales and that individuals might be injured due to the overcrowding, the congestion at the door, or the unruliness of the other customers.  Consequently, a retailer may be held liable to a customer who is injured due to pushing, crowding, trampling, or jostling by other customers when the retailer conducts a promotional activity or sale that will foreseeably cause crowds to gather and push.

At least one jury has determined that reasonable care when undertaking a special promotion that might cause people to run, push, and shove includes the retailer giving warnings of the dangers involved, taking steps to control or police the crowd, using loud speakers to warn the crowd not to run over people, and warning the elderly or children to stay out of the crowd.    Given the tragedies that have occurred in the past several years during “Black Friday Sales,” it is advisable for retailers to, at the very least, implement the above measures.  However, the above measures may not be sufficient given the particular circumstances of a retailer.  That is why each retailer should conduct a careful risk assessment evaluation that is tailored to its location and history.  This assessment will allow the retailer to develop and implement a plan that keeps its customers safe and happy during this holiday season. Now go shopping!

Bookmark and Share

 

RETAILERS WHO “SPY” BEWARE

Posted on September 27, 2012 02:22 by Philip M. Gulisano

Retailers providing consumers with electronics on a rent-to-own basis face many challenges in ensuring that they are paid for the electronics that they rent.  In particular, computers are small and easy to hide if a retailer seeks to repossess the computer from a non-paying customer.  The temptation to use software that allows the retailer to view where the computer is located and what the renter is doing with the computer is strong, however, the consequences of doing so can be high.  Obtaining information from the computer without the renter’s knowledge or consent not only erodes the renter’s trust and confidence in the retailer, but also opens the retailer up to possible civil and criminal liability.

The recent settlement of charges brought against several rent-to-own companies by the Federal Trade Commission highlights that using software that can log onto a computer, turn on the webcam to take photographs, take screen shots of the computer user’s activities on the computer, and log the keystrokes of the computer user, comes with a price.   According to one news report, civil penalties are not a part of the settlement because civil penalties cannot be imposed for a first violation of the Federal Trade Commission Act.  However, the companies are required to cease using their “spy tools” and, presumably in the future, advise renters of the use of tracking software.  

Further, aside from possible federal action and the costs associated with defending such actions, retailers need to consider possible civil and criminal liability under state laws.  While laws vary from state to state, several states recognize a tort for invasion of privacy, such as intrusion upon seclusion.  Capturing images of a person in a private setting, particularly while engaged in private acts, without the person’s knowledge or consent, may subject a retailer to a civil action.   Even in states that do not recognize a tort for invasion of privacy, under certain circumstances, a person who secretly videotapes an individual engaged in private actions may be liable for the tort of intentional infliction of emotional distress.  Remember that if you use a webcam to take pictures of the area surrounding the computer, you may be capturing images of individuals other than the renters.  Criminal liability is also arguably possible if the state has a statute prohibiting unlawful surveillance and, in some states, there is the possibility, in certain situations, of criminal liability for installing and using key stroke logging software to collect personal information.

If you decide that despite the risks, it is necessary to install and use tracking software, be sure to advise renters of the presence of the software, its uses, and your policy on its use.  The best practice would be to obtain an acknowledgement from the renter, in writing, that the renter was so advised.

Bookmark and Share

 

In the wake of the recent tragedy in Aurora, Colorado, retailers, restaurants and other establishments open to the public must be ever vigilant to the actions of “third-parties” to ensure, first and foremost, the safety of their patrons, as well as protect themselves from potential liability stemming from such actions.

In most states, New York included, businesses have a duty to maintain their premises in a reasonably safe condition, which includes taking minimal precautions to protect members of the public from the reasonably foreseeable criminal acts of third-persons.  Often in cases a plaintiff will allege that the proprietor should have anticipated the criminal actions of a third-party due to some advanced notice, such as specific comments or threats made, a highly publicized event, the expectation of an excessive number of people attending an event, and so on.  While many such lawsuits are typically broadly worded so as to “state a cause of action” and pass any initial dismissal challenges, few make it to a jury due to the difficult burden of establishing that a third-party’s criminal actions were or should have been anticipated.

With the horrible set of circumstances that are coming to light in Colorado, which seem too frequent lately, one must ask the question, will Courts eventually require proprietors to expect the unexpected?  For now, it is wise for proprietors to take any information they perceive or receive seriously to prevent such tragedies and avoid the legal system.


 

Bookmark and Share

 
 

Submit Blog

If you wish to submit a blog posting for DRI Today, send an email to today@dri.org with "Blog Post" in the subject line. Please include article title and any tags you would like to use for the post.
 
 
 

Search Blog


Recent Posts

Categories

Authors

Blogroll



Staff Login